Legal claims defining the scope of protection, as filed with the USPTO.
1. A computing platform, comprising: a CPU to execute an operating system (OS) having associated OS memory space; and a manageability engine operable when the operating system is not running, the manageability engine to provide an out-of-band (OOB) security agent to protect an in-band security agent in the OS memory space, the OOB security agent to run on the CPU beneath the OS, wherein the in-band security agent is to notify the OOB agent of possible malware activity.
2. The platform of claim 1, in which the OOB agent is to protect the IB agent from malware.
3. The platform of claim 1, in which the manageability engine comprises a network interface to provide a secure OOB channel to an external security agent service.
4. The platform of claim 1, in which the manageability engine is implemented in a chip with firmware for the OOB agent.
5. The platform of claim 1, in which the manageability engine is implemented in a network interface controller.
6. The platform of claim 1, in which the manageability engine comprises a virtual redirect, enabling a remote re-boot of the CPU to activate the OOB agent.
7. The platform of claim 1, in which the CPU has logic to validate the integrity of the OOB agent.
8. An apparatus, comprising: one or more chips with a manageability engine and non-volatile memory storing an out-of-band (OOB) security agent to run on a processor and to protect an in-band security agent running on the processor in an OS above the OOB agent, wherein the in-band security agent is to notify the OOB security agent of possible malware activity.
9. The apparatus of claim 8, in which the manageability engine comprises a virtual redirect function to reboot the platform in order to activate the OOB agent.
10. The apparatus of claim 8, in which the manageability engine comprises a network interface to provide OOB network connectivity to the platform.
11. The apparatus of claim 8, in which the OOB agent is to provide to the non-volatile memory hash audit data from the platform to be analyzed by a remote security service linked with the manageability engine via a secure OOB channel.
12. The apparatus of claim 8, in which the OOB agent is to run in a layer beneath a system operating system for the platform.
13. A system, comprising: a platform having a CPU with an associated OS and an out-of-band (OOB) capable manageability engine; and a remote security agent service to be linked to the platform via the manageability engine; wherein an OOB agent is to be executed outside of the OS to protect an in-band security agent running on the processor in an OS above the OOB agent, and wherein the in-band security agent is to notify the OOB agent of possible malware activity.
14. The system of claim 13, in which the remote service provides the OOB agent to the platform.
January 21, 2014